1 files changed, 21 insertions, 15 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 32fec03b8e..50c5f0d755 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -1,7 +1,7 @@
 %
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2007-2016. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2017. All Rights Reserved.
 %%
 %% Licensed under the Apache License, Version 2.0 (the "License");
 %% you may not use this file except in compliance with the License.
@@ -40,7 +40,8 @@
 	 ec_keyed_suites/0, anonymous_suites/1, psk_suites/1, srp_suites/0,
 	 rc4_suites/1, des_suites/1, openssl_suite/1, openssl_suite_name/1, filter/2, filter_suites/1,
 	 hash_algorithm/1, sign_algorithm/1, is_acceptable_hash/2, is_fallback/1,
-	 random_bytes/1, calc_aad/3, calc_mac_hash/4]).
+	 random_bytes/1, calc_mac_hash/4,
+         is_stream_ciphersuite/1]).
 
 -export_type([cipher_suite/0,
 	      erl_cipher_suite/0, openssl_cipher_suite/0,
@@ -156,7 +157,7 @@ cipher_aead(?CHACHA20_POLY1305, CipherState, SeqNo, AAD, Fragment, Version) ->
 aead_cipher(chacha20_poly1305, #cipher_state{key=Key} = CipherState, SeqNo, AAD0, Fragment, _Version) ->
     CipherLen = erlang:iolist_size(Fragment),
     AAD = <<AAD0/binary, ?UINT16(CipherLen)>>,
-    Nonce = <<SeqNo:64/integer>>,
+    Nonce = ?uint64(SeqNo),
     {Content, CipherTag} = crypto:block_encrypt(chacha20_poly1305, Key, Nonce, {AAD, Fragment}),
     {<<Content/binary, CipherTag/binary>>, CipherState};
 aead_cipher(Type, #cipher_state{key=Key, iv = IV0, nonce = Nonce} = CipherState, _SeqNo, AAD0, Fragment, _Version) ->
@@ -279,7 +280,7 @@ aead_ciphertext_to_state(chacha20_poly1305, SeqNo, _IV, AAD0, Fragment, _Version
     CipherLen = size(Fragment) - 16,
     <<CipherText:CipherLen/bytes, CipherTag:16/bytes>> = Fragment,
     AAD = <<AAD0/binary, ?UINT16(CipherLen)>>,
-    Nonce = <<SeqNo:64/integer>>,
+    Nonce = ?uint64(SeqNo),
     {Nonce, AAD, CipherText, CipherTag};
 aead_ciphertext_to_state(_, _SeqNo, <<Salt:4/bytes, _/binary>>, AAD0, Fragment, _Version) ->
     CipherLen = size(Fragment) - 24,
@@ -310,18 +311,21 @@ aead_decipher(Type, #cipher_state{key = Key, iv = IV} = CipherState,
 %%--------------------------------------------------------------------
 suites({3, 0}) ->
     ssl_v3:suites();
-suites({3, N}) ->
-    tls_v1:suites(N);
-suites(Version) ->
-    suites(dtls_v1:corresponding_tls_version(Version)).
+suites({3, Minor}) ->
+    tls_v1:suites(Minor);
+suites({_, Minor}) ->
+    dtls_v1:suites(Minor).
 
-all_suites(Version) ->
+all_suites({3, _} = Version) ->
     suites(Version)
 	++ anonymous_suites(Version)
 	++ psk_suites(Version)
 	++ srp_suites()
         ++ rc4_suites(Version)
-        ++ des_suites(Version).
+        ++ des_suites(Version);
+all_suites(Version) ->
+    dtls_v1:all_suites(Version).
+
 %%--------------------------------------------------------------------
 -spec anonymous_suites(ssl_record:ssl_version() | integer()) -> [cipher_suite()].
 %%
@@ -331,7 +335,9 @@ all_suites(Version) ->
 
 anonymous_suites({3, N}) ->
     anonymous_suites(N);
-
+anonymous_suites({254, _} = Version) ->
+    anonymous_suites(dtls_v1:corresponding_tls_version(Version))
+        -- [?TLS_DH_anon_WITH_RC4_128_MD5];
 anonymous_suites(N)
   when N >= 3 ->
     [?TLS_DH_anon_WITH_AES_128_GCM_SHA256,
@@ -1527,10 +1533,6 @@ is_fallback(CipherSuites)->
 random_bytes(N) ->
     crypto:strong_rand_bytes(N).
 
-calc_aad(Type, {MajVer, MinVer},
-	 #{sequence_number := SeqNo}) ->
-    <<SeqNo:64/integer, ?BYTE(Type), ?BYTE(MajVer), ?BYTE(MinVer)>>.
-
 calc_mac_hash(Type, Version,
 	      PlainFragment, #{sequence_number := SeqNo,
 			       mac_secret := MacSecret,
@@ -1541,6 +1543,10 @@ calc_mac_hash(Type, Version,
 	     MacSecret, SeqNo, Type,
 	     Length, PlainFragment).
 
+is_stream_ciphersuite({_, rc4_128, _, _}) ->
+    true;
+is_stream_ciphersuite(_) ->
+    false.
 %%--------------------------------------------------------------------
 %%% Internal functions
 %%--------------------------------------------------------------------